const { verify } = require('../util/jwt')
const { jwtSecret } = require('../config/config.default')
const { User } = require('../model')

module.exports = async (req,res,next) => {
    let token = req.headers['authorization']
    token = token ? token.split('Bearer ')[1] : null
    if(!token){
        return res.status(401).end("请先登录")
    }
    try {
        const decodedToken = await verify(token,jwtSecret)
        console.log('decodedToken: ', decodedToken);
        req.user = await User.findById(decodedToken.userId)
        next()
    } catch (error) {
        return res.status(401).end('权限验证失败')
    }
}